Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1697
Views
5
Helpful
5
Replies

Nexus 1000V interfaces not forwarding

Martin Jaburek
Level 1
Level 1

‎12-13-2011 02:32 AM - last edited on ‎03-25-2019 01:36 PM by Community Manager

Hi all,

I have a problem, that interfaces shows as up, but it does not actually work - it doesn't work.

When I tried vemcmd show port:

LTL   VSM Port  Admin Link  State  PC-LTL  SGID  Vem Port

   18     Eth4/2     UP   UP    F/B*      0        vmnic1

   49      Veth7     UP   UP    FWD       0        vmk0

   50     Veth13     UP   UP    FWD       0        Nexus1000V-4.0.4.SV1.3d.eth2

   51     Veth12     UP   UP    FWD       0        Nexus1000V-4.0.4.SV1.3d.eth1

   52     Veth10     UP   UP    FWD       0        Nexus1000V-4.0.4.SV1.3d.eth0

   53      Veth1     UP   UP    FWD       0        uda20.eth0

   54      Veth8     UP   UP    FWD       0        Nexus1000V-4.0.4.SV1.3d (Second

   56      Veth3     UP   UP    FWD       0        Nexus1000V-4.0.4.SV1.3d (Second

* F/B: Port is BLOCKED on some of the vlans.

How can I found out which vlan is blocked?

0 Helpful
5 Replies 5

mipetrin
Cisco Employee
Cisco Employee

‎12-13-2011 03:41 AM

Hi Martin,

If you wish to verify what vlans are on each port, execute:

# vemcmd show port vlans

It is normal to see that statement about BLOCKED vlans, if you are not allowing all possible vlans.

You stated that it doesn't work. What symptoms are you seeing to say it doesn't work?

From your output, it is only reporting for vmnic1.

What vlans are you allowing on the upstream switch port connected to this vmnic?

The port-profile for this vmnic allows which vlans?

If you could be more specific about what isn't working, we can help.

Thanks,

Michael

0 Helpful

Martin Jaburek
Level 1
Level 1
In response to mipetrin

‎12-13-2011 03:57 AM

Hi Michael,

my setup is that I have two servers connected via switch (which does not understand vlans), essentialy I have only one data vlan 104. The whole setup was working, but then I tried upgrade to 4.2.1(4a) and now I lost connectivity to that vlan (VMs and VSM mgmt0)

Maybe the problem is with the native vlan on that trunk (here it says number 1):

[root@exs-x86demo9 ~]# vemcmd show port vlans

                        Native  VLAN   Allowed

  LTL   VSM Port  Mode  VLAN    State  Vlans

   18     Eth4/2   T        1   FWD    5,10,104

   49      Veth7   A      104   FWD    104

   50     Veth13   A       10   FWD    10

   51     Veth12   A      104   FWD    104

   52     Veth10   A        5   FWD    5

   53      Veth1   A      104   FWD    104

   54      Veth8   A       10   FWD    10

   56      Veth3   A        5   FWD    5

and configured port-profile for eth4/2:

port-profile Rack4Uplink

type: Ethernet

description: taggedUplink

status: enabled

max-ports: 32

min-ports: 1

inherit:

config attributes:

  switchport mode trunk

  switchport trunk native vlan 104

  switchport trunk allowed vlan 5,10,104

  no shutdown

evaluated config attributes:

  switchport mode trunk

  switchport trunk native vlan 104

  switchport trunk allowed vlan 5,10,104

  no shutdown

assigned interfaces:

  Ethernet4/2

  Ethernet6/1

  Ethernet6/2

port-group: Uplink_Rack4

system vlans: 5,10

capability l3control: no

capability iscsi-multipath: no

port-profile role: none

port-binding: static

0 Helpful

Martin Jaburek
Level 1
Level 1
In response to Martin Jaburek

‎12-13-2011 03:58 AM

I just added vlan 104 to the system vlans section on the Rack4Uplink and now it works. But I don't know why it should not work...? (show module showed all modules and both VSMs)

0 Helpful

Martin Jaburek
Level 1
Level 1
In response to Martin Jaburek

‎12-13-2011 04:20 AM

interesting thing is, that now the command show port vlans display the native vlan correctly as 104:

                        Native  VLAN   Allowed

  LTL   VSM Port  Mode  VLAN    State  Vlans

   18     Eth4/2   T      104   FWD    5,10,104

   49      Veth7   A      104   FWD    104

   50     Veth13   A       10   FWD    10

   51     Veth12   A      104   FWD    104

   52     Veth10   A        5   FWD    5

   53      Veth1   A      104   FWD    104

   54      Veth8   A       10   FWD    10

   56      Veth3   A        5   FWD    5

  305        Po1   T      104   FWD    5,10,104

0 Helpful

mipetrin
Cisco Employee
Cisco Employee
In response to Martin Jaburek

‎12-13-2011 04:30 AM

Hi Martin,

I can see that you have configured the control VLAN as 5, management as 104, and packet as 10.

The control VLAN is where most of the communication takes place, that allows the VSM to see the VEM (as in your output of show module).

In your initial configuration, you correctly defined the control and packet VLANs as system vlans. However, the management VLAN should also be a system VLAN to ensure that it is always forwarding (even after a reboot of the VSM and prior to it coming back up), as this is an important VLAN for you to manage the VSM itself. Although, this is mainly important when the VSM is behind a VEM. In this scenario, if you don't define it as a system vlan, then you can run into traffic disruption as you have experienced. 

Further details regarding system vlans and their use can be found in previous posts on the forums. Good place to start:

https://supportforums.cisco.com/thread/2012512

Thanks,

Michael

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking products for a $25 gift card